Author: joeyh Date: 2006-10-31 09:14:26 +0100 (Tue, 31 Oct 2006) New Revision: 4901 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-10-30 20:56:32 UTC (rev 4900) +++ data/CVE/list 2006-10-31 08:14:26 UTC (rev 4901) 
@@ -1,8 +1,204 @@ -CVE-2006-5740 [wireshark LDAP dissector issue] +CVE-2006-5611 (Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 ...) + TODO: check +CVE-2006-5610 (PHP remote file inclusion vulnerability in player/includes/common.php ...) + TODO: check +CVE-2006-5609 (Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows ...) + TODO: check +CVE-2006-5608 (SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before ...) + TODO: check +CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 ...) + TODO: check +CVE-2006-5606 + RESERVED +CVE-2006-5605 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CVE-2006-5604 (Directory traversal vulnerability in phpcards.header.php in phpCards ...) + TODO: check +CVE-2006-5603 (SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 ...) + TODO: check +CVE-2006-5600 (Axalto Protiva 1.1, possibly only non-commercial versions, stores ...) + TODO: check +CVE-2006-5599 (Cross-site scripting (XSS) vulnerability in Oracle Application Express ...) + TODO: check +CVE-2006-5598 (Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery ...) + TODO: check +CVE-2006-5597 (join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows ...) + TODO: check +CVE-2006-5596 (Directory traversal vulnerability in the SSL server in AEP Smartgate ...) + TODO: check +CVE-2006-5595 (Unspecified vulnerability in the AirPcap support in Wireshark ...) + TODO: check +CVE-2006-5594 (PHP remote file inclusion vulnerability in University of British ...) + TODO: check +CVE-2006-5593 (Buffer overflow in Desknet''s (niokeru) before 5.0J R1.0 might allow ...) + TODO: check +CVE-2006-5592 (Admin/adpoll.asp in PacPoll 4.0 and earlier allows remote attackers to ...) + TODO: check +CVE-2006-5591 (Multiple SQL injection vulnerabilities in Admin/check.asp in PacPoll ...) 
+ TODO: check +CVE-2006-5590 (PHP remote file inclusion vulnerability in index.php in ArticleBeach ...) + TODO: check +CVE-2006-5589 (Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and ...) + TODO: check +CVE-2006-5588 (Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 ...) + TODO: check +CVE-2006-5587 (Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and ...) + TODO: check +CVE-2006-5586 + RESERVED +CVE-2006-5585 + RESERVED +CVE-2006-5584 + RESERVED +CVE-2006-5583 + RESERVED +CVE-2006-5582 + RESERVED +CVE-2006-5581 + RESERVED +CVE-2006-5580 + RESERVED +CVE-2006-5579 + RESERVED +CVE-2006-5578 + RESERVED +CVE-2006-5577 + RESERVED +CVE-2006-5576 + RESERVED +CVE-2006-5575 + RESERVED +CVE-2006-5574 + RESERVED +CVE-2006-5573 + RESERVED +CVE-2006-5572 + RESERVED +CVE-2006-5571 (Stack-based buffer overflow in /scripts/cruise/cws.exe in CruiseWorks ...) + TODO: check +CVE-2006-5570 (Directory traversal vulnerability in /scripts/cruise/cws.exe in ...) + TODO: check +CVE-2006-5569 (FtpXQ Server 3.0.1 installs with two default testing accounts, which ...) + TODO: check +CVE-2006-5568 (FtpXQ Server 3.0.1 allows remote attackers to cause a denial of ...) + TODO: check +CVE-2006-5567 (Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before ...) + TODO: check +CVE-2006-5566 (CRLF injection vulnerability in premium/index.php in Shop-Script ...) + TODO: check +CVE-2006-5565 (CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote ...) + TODO: check +CVE-2006-5564 (Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro ...) + TODO: check +CVE-2006-5563 (Unspecified vulnerability in Yahoo! Messenger (Service 18) before ...) + TODO: check +CVE-2006-5562 (PHP remote file inclusion vulnerability in include/database.php in ...) + TODO: check +CVE-2006-5561 (SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows ...) 
+ TODO: check +CVE-2006-5560 (Cross-site scripting (XSS) vulnerability in heading.php in Boesch ...) + TODO: check +CVE-2006-5559 (The ADODB.Connection 2.7 ActiveX control object (ADODB.Connection.2.7) ...) + TODO: check +CVE-2006-5558 (Format string vulnerability in the swask command in HP-UX B.11.11 and ...) + TODO: check +CVE-2006-5557 (Stack-based buffer overflow in the (1) swpackage and (2) swmodify ...) + TODO: check +CVE-2006-5556 (Buffer overflow in the localtime_r function, and certain other ...) + TODO: check +CVE-2006-5555 (PHP remote file inclusion vulnerability in constantes.inc.php in ...) + TODO: check +CVE-2006-5554 (Directory traversal vulnerability in index.php in Imageview 5 allows ...) + TODO: check +CVE-2006-5553 (Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 ...) + TODO: check +CVE-2006-5552 (Heap-based buffer overflow in RevilloC MailServer 1.21 and earlier ...) + TODO: check +CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow ...) + TODO: check +CVE-2006-5550 (The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause ...) + TODO: check +CVE-2006-5549 (** DISPUTED ** ...) + TODO: check +CVE-2006-5548 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...) + TODO: check +CVE-2006-5547 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...) + TODO: check +CVE-2006-5546 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...) + TODO: check +CVE-2006-5545 (Premium Antispam in Symantec Mail Security for Domino Server 5.1.x ...) + TODO: check +CVE-2006-5544 (Visual truncation vulnerability in Microsoft Internet Explorer 7 ...) + TODO: check +CVE-2006-5543 (PHP remote file inclusion vulnerability in misc/function.php3 in PHP ...) + TODO: check +CVE-2006-5542 (backend/tcop/postgres.c in PostgreSQL 8.1.x before 8.1.5 allows remote ...) 
+ TODO: check +CVE-2006-5541 (backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through 7.4.14, ...) + TODO: check +CVE-2006-5540 (backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows ...) + TODO: check +CVE-2006-5539 (PHP remote file inclusion vulnerability in login/secure.php in ...) + TODO: check +CVE-2006-5538 (D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote ...) + TODO: check +CVE-2006-5537 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm ...) + TODO: check +CVE-2006-5536 (Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T ...) + TODO: check +CVE-2006-5535 (Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager ...) + TODO: check +CVE-2006-5534 (Multiple cross-site scripting (XSS) vulnerabilities in index.htm in ...) + TODO: check +CVE-2006-5533 (Multiple PHP remote file inclusion vulnerabilities in AROUNDMe 0.6.9, ...) + TODO: check +CVE-2006-5532 (Cross-site scripting (XSS) vulnerability in rmgs/images.php in RMSOFT ...) + TODO: check +CVE-2006-5531 (PHP remote file inclusion vulnerability in embedded.php in Ascended ...) + TODO: check +CVE-2006-5530 (Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews ...) + TODO: check +CVE-2006-5529 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2006-5528 (Directory traversal vulnerability in mod.php in SchoolAlumni Portal ...) + TODO: check +CVE-2006-5527 (PHP remote file inclusion vulnerability in lib.editor.inc.php in ...) + TODO: check +CVE-2006-5526 (Multiple PHP remote file inclusion vulnerabilities in Teake Nutma ...) + TODO: check +CVE-2006-5525 (Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and ...) + TODO: check +CVE-2006-5524 (Cross-site scripting (XSS) vulnerability in index.php in phplist ...) + TODO: check +CVE-2006-5523 (PHP remote file inclusion vulnerability in common.php in EZ-Ticket ...) 
+ TODO: check +CVE-2006-5522 (Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt ...) + TODO: check +CVE-2006-5521 (PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 ...) + TODO: check +CVE-2006-5520 (PHP remote file inclusion vulnerability in functions.php in ...) + TODO: check +CVE-2006-5519 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2006-5518 (Multiple PHP remote file inclusion vulnerabilities in Christopher ...) + TODO: check +CVE-2006-5517 (Multiple PHP remote file inclusion vulnerabilities in Rhode Island ...) + TODO: check +CVE-2006-5516 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CVE-2006-5515 (Cross-site scripting (XSS) vulnerability in lib-history.inc.php in ...) + TODO: check +CVE-2006-5514 (SQL injection vulnerability in quiz.php in Web Group Communication ...) + TODO: check +CVE-2006-5513 (SQL injection vulnerability in GeoNetwork opensource before 2.0.3 ...) + TODO: check +CVE-2005-4814 (Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when ...) + TODO: check +CVE-2006-5740 (Unspecified vulnerability in the LDAP dissector in Wireshark (formerly ...) - wireshark <unfixed> (bug #396258; medium) -CVE-2006-5602 [Xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability] +CVE-2006-5602 (Multiple memory leaks in xsupplicant before 1.2.6, and possibly other ...) - xsupplicant <unfixed> (bug #396204; medium) -CVE-2006-5601 [Xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability] +CVE-2006-5601 (Stack-based buffer overflow in xsupplicant before 1.2.6, and possibly ...) - xsupplicant <unfixed> (bug #396204; medium) CVE-2006-XXXX [several possible mysql 5.0 local DoS vulnerabilities] - mysql-dfsg-5.0 5.0.26-1 (low) 
@@ -91,15 +287,13 @@ CVE-2006-5471 (PHP remote file inclusion vulnerability in example/lib/grid3.lib.php ...) NOT-FOR-US: Softerra PHP Developer Library CVE-2006-5470 - RESERVED -CVE-2006-5469 [Wireshark WBXML dissector issue] - RESERVED + REJECTED +CVE-2006-5469 (Unspecified vulnerability in the WBXML dissector in Wireshark ...) - wireshark <unfixed> (bug #396258; medium) -CVE-2006-5468 [Wireshark HTTP dissector issue] - RESERVED +CVE-2006-5468 (Unspecified vulnerability in the HTTP dissector in Wireshark (formerly ...) - wireshark <unfixed> (bug #396258; medium) -CVE-2006-5467 - RESERVED +CVE-2006-5467 (The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a ...) + TODO: check CVE-2006-5466 RESERVED CVE-2006-5465 @@ -1498,8 +1692,7 @@ RESERVED CVE-2006-4806 RESERVED -CVE-2006-4805 [wireshark XOT dissector issue] - RESERVED +CVE-2006-4805 (epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in ...) - wireshark <unfixed> (bug #396258; medium) CVE-2006-4804 RESERVED @@ -2000,8 +2193,7 @@ RESERVED CVE-2006-4575 RESERVED -CVE-2006-4574 [Wireshark MIME Multipart dissector issue] - RESERVED +CVE-2006-4574 (Off-by-one error in the MIME Multipart dissector in Wireshark ...) - wireshark <unfixed> (bug #396258; medium) CVE-2006-4573 (Multiple unspecified vulnerabilities in the "utf8 combining characters ...) - screen 4.0.3-0.1 (bug #395225; medium) @@ -2174,8 +2366,7 @@ RESERVED CVE-2006-4514 RESERVED -CVE-2006-4513 [wvware Multiple Integer Overflow Vulnerabilities] - RESERVED +CVE-2006-4513 (Multiple integer overflows in the WV library in wvWare (formerly ...) - wv <unfixed> (bug #396256; medium) CVE-2006-4512 RESERVED 
@@ -5265,7 +5456,7 @@ NOT-FOR-US: Open-Realty CVE-2006-3147 (Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix ...) NOT-FOR-US: Hosting Controller -CVE-2006-3146 (The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.23 and earlier ...) +CVE-2006-3146 (The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier ...) NOT-FOR-US: Toshiba drivers for Windows CVE-2006-3145 (Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows ...) - netpbm-free <not-affected> (Debian''s version is too old; affects 10.30 to 10.33 only)
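Review bot: In the first hunk (@@ -1,8 +1,204 @@), CVE-2006-5595 (AirPcap support in Wireshark) and CVE-2006-5540 through CVE-2006-5542 (PostgreSQL backend) are left at "TODO: check", although the other Wireshark entries in this same commit already carry "- wireshark <unfixed> (bug #396258; medium)". These name software that is packaged in Debian, so they should be triaged ahead of the long run of PHP remote file inclusion entries and given a package line or an explicit not-affected note. The same hunk also places CVE-2005-4814 between CVE-2006-5513 and CVE-2006-5740, so the top of the file no longer follows the descending order seen in the later hunks (5471, 5470, 5469 ...). It is worth confirming that nothing parsing data/CVE/list relies on that order. Finally, CVE-2006-5602 is now described as "Multiple memory leaks" while CVE-2006-5601 is the stack-based buffer overflow, yet both still point at bug #396204. Please check that the bug report covers both issues.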
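Review bot: In the second hunk (@@ -91,15 +287,13 @@), CVE-2006-5467 changes from RESERVED to a published description of a denial of service in the cgi.rb CGI library for Ruby 1.8, but gets only "TODO: check". Ruby 1.8 is packaged in Debian (source package ruby1.8), so this entry needs a package line with a status and a bug reference once one is filed, in the same form as the "- wireshark <unfixed> (bug #396258; medium)" lines around it. The switch of CVE-2006-5470 from RESERVED to REJECTED in the same hunk needs no follow-up.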
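Review bot: CVE-2006-5611 (Toshiba Bluetooth Stack before 4.20.01), added at the top of the file, is left at "TODO: check" even though the last hunk (@@ -5265,7 +5456,7 @@) shows the same product already triaged under CVE-2006-3146 as "NOT-FOR-US: Toshiba drivers for Windows". Marking CVE-2006-5611 the same way would close it out without further research. The only change to CVE-2006-3146 itself is the affected version in the description moving from 4.00.23 to 4.00.29, which does not alter its NOT-FOR-US status.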